Environment
Security Manager 6.x
iSeries
Situation
PSESNDLOG ERROR: Unable to send results. Unable to re-connect to VigilEnt using 10.22.68.136 on Port 1636
logmanager.log on CC
2011-02-07 10:40:24,132 ERROR [mk-4] [StreamToReport] socket io error - changing report SerialID=11775492 to an error report
2011-02-07 10:40:24,132 ERROR [mk-4] Exception occured
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:177)
at java.net.Socket.setSoTimeout(Socket.java:924)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(DashoA6275)
at com.pentasafe.mkx.net.ssl.VsslSocket.setSoTimeout(VsslSocket.java:118)
at com.pentasafe.mk.select.SocketProcess.doProcess(DashoA8189)
at com.pentasafe.mk.select.SocketProcess.doRun(DashoA8189)
at com.pentasafe.mk.select.SocketProcess.run(DashoA8189)
at com.pentasafe.mk.threads.WorkerThread.run(DashoA8189)
2011-02-07 10:40:24,194 ERROR [mk-2] [StreamToReport] socket io error - changing report SerialID=11775495 to an error report
2011-02-07 10:40:24,210 ERROR [mk-2] Exception occured
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:177)
at java.net.Socket.setSoTimeout(Socket.java:924)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(DashoA6275)
at com.pentasafe.mkx.net.ssl.VsslSocket.setSoTimeout(VsslSocket.java:118)
at com.pentasafe.mk.select.SocketProcess.doProcess(DashoA8189)
at com.pentasafe.mk.select.SocketProcess.doRun(DashoA8189)
at com.pentasafe.mk.select.SocketProcess.run(DashoA8189)
at com.pentasafe.mk.threads.WorkerThread.run(DashoA8189)
2011-02-07 10:43:01,112 ERROR [mk-14] Exception occured
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:168)
at com.sun.net.ssl.internal.ssl.InputRecord.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA6275)
at com.pentasafe.mk.net.VssInputStream.e(Da
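Added example (not part of the original article or the product): a Python triage of a logmanager.log excerpt like the one above. It lists which report SerialIDs were turned into error reports and which socket exception the same worker thread logged next. The sample input is constructed from lines of the excerpt with the stack traces shortened; pairing entries by thread name is an assumption about how the log is read.

```python
import re
from collections import Counter

# Constructed sample: lines taken from the excerpt above, stack traces shortened.
SAMPLE_LOG = """\
2011-02-07 10:40:24,132 ERROR [mk-4] [StreamToReport] socket io error - changing report SerialID=11775492 to an error report
2011-02-07 10:40:24,132 ERROR [mk-4] Exception occured
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:177)
2011-02-07 10:40:24,194 ERROR [mk-2] [StreamToReport] socket io error - changing report SerialID=11775495 to an error report
2011-02-07 10:40:24,210 ERROR [mk-2] Exception occured
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:177)
2011-02-07 10:43:01,112 ERROR [mk-14] Exception occured
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:168)
"""

ENTRY = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) (\w+) \[([^\]]+)\] (.*)$")
SERIAL = re.compile(r"socket io error - changing report SerialID=(\d+)")
EXC = re.compile(r"^([\w.$]+(?:Exception|Error)): (.*)$")

def triage(text):
    """Return (failed_reports, exception_counts) for a logmanager.log excerpt."""
    failed, counts = [], Counter()
    pending = {}   # thread -> failed-report record still waiting for its exception
    thread = None  # thread of the most recent timestamped entry
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            ts, _level, thread, msg = m.groups()
            s = SERIAL.search(msg)
            if s:  # a report was converted to an error report
                rec = {"time": ts, "thread": thread, "serial": s.group(1), "exception": None}
                failed.append(rec)
                pending[thread] = rec
            continue
        e = EXC.match(line.strip())  # first line of a Java exception; "at ..." frames do not match
        if e and thread is not None:
            cause = f"{e.group(1)}: {e.group(2)}"
            counts[cause] += 1
            rec = pending.pop(thread, None)
            if rec:
                rec["exception"] = cause
    return failed, counts

if __name__ == "__main__":
    for r in triage(SAMPLE_LOG)[0]:
        print(r["time"], r["thread"], r["serial"], r["exception"])
```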
Resolution
1. On the Central computer in question, open C:\program files\netiq security manager\onepoint\mk.options
2. Add the following line to the mk.options file.
server/hostaddress=10.22.132.XX
where XX is the last segment of the IP address of the Central Computer [Server To Server interface].
Note: this will have to be done on any Central computer that is receiving data from iSeries boxes.
Cause
This is a dual-interface routing problem.
Example:
The Central Computer has two network cards:
10.22.68.XX [Client to Server interface] C2S
10.22.132.XX [Server to Server interface] S2S
The iSeries computer has two network cards:
10.20.218.YY [Server to Server interface] S2S
10.0.1.YY [Client to Server interface] C2S
When a Central Computer communicates with the iSeries computer, it sends the requests over the C2S interface on the Central Computer to the S2S interface on the iSeries box, e.g. 10.22.68.XX --> 10.20.218.YY
When the iSeries computer sends back the reply, it goes over the same interface, which means it will try to communicate with the C2S interface on the Central Computer, e.g. 10.20.218.YY --> 10.22.68.XX
Port 1636 will not be available on this interface.
In short, the fix is to add the following line to the mk.options file on the Central Computer:
server/hostaddress=10.22.132.XX
where XX is the last segment of the IP address of the CC [Server To Server interface].